rigging/lib/nomad.nix
Christopher Mühl 892161eae2
feat: initial rigging — multi-repo NixOS + Nomad infrastructure management
Flake-parts module that repos import to declare hosts, jobs, and secrets.
Nushell CLI (rigging) aggregates multiple repos and provides unified
management: host deploy/build, job run/plan/stop, secret list/rekey.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-18 01:09:32 +01:00


# Nomad-specific helper functions
{lib ? (import <nixpkgs> {}).lib}: {
# Constraint list that pins a job or group to the node named `hostname`.
# The `\$` escape keeps `${attr.unique.hostname}` literal in the generated
# value, so the reference is not expanded by Nix. No `operator` key is emitted.
pinToHost = hostname: let
  hostConstraint = {
    value = hostname;
    attribute = "\${attr.unique.hostname}";
  };
in [hostConstraint];
# Constraint list that pins a job or group to nodes of class `class`.
# `${node.class}` is emitted literally (escaped with `\$`), not expanded by Nix.
pinToClass = class: let
  classConstraint = {
    value = class;
    attribute = "\${node.class}";
  };
in [classConstraint];
# Constraint list that pins a job or group to the datacenter `dc`.
# `${node.datacenter}` is emitted literally (escaped with `\$`), not expanded by Nix.
pinToDatacenter = dc: let
  datacenterConstraint = {
    value = dc;
    attribute = "\${node.datacenter}";
  };
in [datacenterConstraint];
# Constraint list requiring that node metadata key `name` equals `value`.
# `name` is spliced in by Nix, while the surrounding `${meta....}` stays
# literal in the output. `name` is not validated or escaped here.
requireMeta = name: value: let
  metaConstraint = {
    inherit value;
    attribute = "\${meta.${name}}";
  };
in [metaConstraint];
# Build the Traefik service tags that expose a service through the reverse proxy.
#   name         router name, spliced into every `traefik.http.routers.<name>.*` key
#   domain       hostname placed inside the router's Host(`...`) rule
#   entrypoint   Traefik entrypoint (default "websecure")
#   certResolver certificate resolver name (default "letsencrypt")
#   middlewares  list of middleware names; the middlewares tag is omitted when empty
# TLS is always switched on for the router.
# NOTE(review): `name` and `domain` are interpolated as-is. A `domain` that
# contains a backtick or rule operators changes the routing rule instead of
# being rejected, so callers should pass a plain hostname. Whoever may set these
# tags decides which hostnames the proxy routes to the service.
traefikTags = {
  name,
  domain,
  entrypoint ? "websecure",
  certResolver ? "letsencrypt",
  middlewares ? [],
}: let
  router = "traefik.http.routers.${name}";
  middlewareTag =
    if middlewares != []
    then ["${router}.middlewares=${builtins.concatStringsSep "," middlewares}"]
    else [];
  routerTags = [
    "traefik.enable=true"
    "${router}.rule=Host(`${domain}`)"
    "${router}.entrypoints=${entrypoint}"
    "${router}.tls=true"
    "${router}.tls.certresolver=${certResolver}"
  ];
in
  routerTags ++ middlewareTag;
# Build Consul service tags: always `service=<name>`, plus `version=<version>`
# and `env=<env>` when those arguments are not null.
consulTags = {
  name,
  version ? null,
  env ? null,
}: let
  # "key=value", or null when the optional value was not supplied
  optionalTag = key: val:
    if val == null
    then null
    else "${key}=${val}";
  candidates = [
    "service=${name}"
    (optionalTag "version" version)
    (optionalTag "env" env)
  ];
in
  builtins.filter (tag: tag != null) candidates;
# Named cpu/memory presets, from `tiny` to `xlarge`.
# NOTE(review): presumably consumed as a Nomad `resources` block (cpu in MHz,
# memory in MB); the units are not stated in this file, so confirm.
resources = let
  preset = cpu: memory: {inherit cpu memory;};
in {
  tiny = preset 100 128;
  small = preset 256 256;
  medium = preset 512 512;
  large = preset 1024 1024;
  xlarge = preset 2048 2048;
};
# Build a one-entry attrset, keyed by `name`, describing a docker-driver task.
#   image      container image, always present in the driver config
#   ports, volumes, args
#              added to the driver config only when the list is non-empty
#   command    added to the driver config only when not null
#   env        task environment, copied through unchanged
#   resources  defaults to { cpu = 256; memory = 256; }
#   templates  list emitted under the `template` key
# NOTE(review): `env` becomes part of the task definition itself, so values
# placed there are readable by anyone who can read the job; secret values are
# better delivered through `templates`.
# NOTE(review): `image` and `volumes` reach the driver unchanged. This helper
# neither requires a digest-pinned image nor restricts which paths are mounted.
mkDockerTask = {
  name,
  image,
  ports ? [],
  env ? {},
  volumes ? [],
  args ? [],
  command ? null,
  resources ? {
    cpu = 256;
    memory = 256;
  },
  templates ? [],
}: let
  # Leave an option out of the driver config while it is at its empty default.
  whenSet = isSet: attrs:
    if isSet
    then attrs
    else {};
in {
  ${name} = {
    driver = "docker";
    inherit env resources;
    template = templates;
    config =
      {inherit image;}
      // whenSet (ports != []) {inherit ports;}
      // whenSet (volumes != []) {inherit volumes;}
      // whenSet (args != []) {inherit args;}
      // whenSet (command != null) {inherit command;};
  };
};
# Build a template block for rendering Nomad variables into a task.
#   content   template body, emitted as `data`
#   destPath  render destination (default "secrets/env")
#   envvars   emitted as `env` (default true)
# NOTE(review): `path` is a required argument but is never read. The result
# depends only on `content`, so the variable lookup has to be written into
# `content` by the caller. Confirm whether `path` was meant to generate it.
# NOTE(review): the default destination sits under the task's `secrets/`
# directory; overriding `destPath` to another location changes where the
# rendered secret material is stored. No `perms` key is emitted.
mkNomadVarTemplate = {
  path,
  destPath ? "secrets/env",
  envvars ? true,
  content,
}: let
  rendered = {
    env = envvars;
    destination = destPath;
    data = content;
  };
in
  rendered;
# Build a template block for a rendered configuration file.
#   destPath      render destination
#   content       template body, emitted as `data`
#   changeMode    emitted as `change_mode` (default "restart")
#   changeSignal  emitted as `change_signal` only when not null
# NOTE(review): no `perms` key is emitted, so the file mode is whatever Nomad
# applies by default. If `content` embeds credentials, the caller has to pick
# a suitably protected `destPath`, since this helper cannot tighten the mode.
mkConfigTemplate = {
  destPath,
  content,
  changeMode ? "restart",
  changeSignal ? null,
}: let
  base = {
    destination = destPath;
    data = content;
    change_mode = changeMode;
  };
  signal =
    if changeSignal == null
    then {}
    else {change_signal = changeSignal;};
in
  base // signal;
# Build a network block with `mode` (default "bridge") and one `port` entry per
# attribute of `ports`:
#   integer  -> { static = <integer>; }
#   attrset  -> passed through unchanged
#   other    -> {}
# NOTE(review): the last case is silent. A port number written as a string
# (e.g. "8080") yields an entry with no `static` key rather than an error,
# presumably leaving the port to be assigned dynamically. Confirm this is intended.
mkNetwork = {
  mode ? "bridge",
  ports ? {},
}: let
  toPortBlock = _label: spec:
    if builtins.isAttrs spec
    then spec
    else if builtins.isInt spec
    then {static = spec;}
    else {};
in {
  inherit mode;
  port = builtins.mapAttrs toPortBlock ports;
};
# Build a service block. `name`, `port`, `provider` (default "nomad") and `tags`
# are copied through; the `checks` list is emitted under the `check` key.
mkService = {
  name,
  port,
  provider ? "nomad",
  tags ? [],
  checks ? [],
}: let
  identity = {inherit name port provider;};
in
  identity
  // {
    inherit tags;
    check = checks;
  };
# Build an HTTP health check block.
# Defaults: path "/health", interval "10s", timeout "2s".
httpCheck = {
  path ? "/health",
  interval ? "10s",
  timeout ? "2s",
}: let
  schedule = {inherit interval timeout;};
in
  schedule
  // {
    type = "http";
    inherit path;
  };
# Build a TCP health check block.
# Defaults: interval "10s", timeout "2s".
tcpCheck = {
  interval ? "10s",
  timeout ? "2s",
}: let
  schedule = {inherit interval timeout;};
in
  schedule // {type = "tcp";};
}